>(paid for), and I think that means a manual process to update the HMC >web cert/key every year. Or is there an easier way?
I don't know. I am more of a certificate theory expert than a z certificate practice expert. It is true that no commercial CA issues certificates good for much more than one year. (Their Web sites may talk about their two-year and five-year plans, but trust me, the certificates are only good for 13 months.) It does sound like a PITA. https://letsencrypt.org/ provides free automated "real CA" certificates. IIRC they only support requests made using the "ACME" automation protocol. Will the HMC support that? Charles On Tue, 29 Aug 2023 10:13:59 -0700, Tom Brennan <t...@tombrennansoftware.com> wrote: >I trust your certificate experience. But let's get back to the HMC >issue for a second. So the only secure way to get rid of the Firefox >warnings and red messages is to use an externally-signed certificate >(paid for), and I think that means a manual process to update the HMC >web cert/key every year. Or is there an easier way? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN